Deepfence Detection & Response Description

Deepfence Detection & Response is a cloud-native application protection platform that uses eBPF-based sensors to provide runtime security monitoring and threat response capabilities. The platform consists of two main components: ThreatMapper for vulnerability and configuration analysis, and ThreatStryker for traffic filtering and runtime protection.

The solution deploys lightweight sensors across various infrastructure types, including Kubernetes nodes, Docker hosts, bare metal servers, virtual machines, and serverless instances. These sensors collect security telemetry from hosts and send it to the Deepfence Console for analytics and reporting.

The platform monitors attack surfaces by identifying and prioritizing vulnerabilities and potential entry points. It provides visibility into live network traffic, both encrypted and plaintext, to detect threat actor activity in real time. The system also supports real-time threat response to neutralize detected threats.

Sensors are deployed as DaemonSets on Kubernetes clusters, as Docker containers on Docker hosts and bare metal/VM platforms, and as daemon services on AWS Fargate for serverless deployments. The architecture supports both Windows and Linux operating systems and maintains secure host-to-console communications to keep data private. The solution is designed to provide deeper visibility than agentless solutions while having a lower performance impact than traditional heavyweight agents.